I have an Android app on the Google Play. I have made big changes, so I want users to have a clean install of my app. If I change my app signature (= different keystore and new key), how it will look like, when former android user of my app installs this newer version? Will be the older version of my app first properly and automaticaly uninstalled in the background and then my new version of an app will be installed?
Thx
Your package name is unique. So if you want to change the keystore you will have to change the package name. If you change the package name Google Play won't know the apps are related, so nothing will be deleted. Google Play also won't accept your apk with the same package name if it isn't signed with the same keystore as the old upload.
To be clear: to use your existing PlayStore entry you need to use the same package name and the same keystore.
Afaik there is no possibility to automatically uninstall your app. You could try to wipe your data when starting the updated app. I would rather do that than force the user to download a new app, since not all of your users will do that.
See this or even better that for reference on how to delete your data.
What happens if you just update your app? Well, all of your code is replaced. It really is a reinstall of your app. However, only the code is deleted and reinstalled. Sharedpreferences (which are just some xml files android stores for you), downloaded and stored files etc. won't be deleted. Thats where you should delete the data. Delete the directories you created in order to save files. Nullify your SharedPreferences. But keep in mind that users won't like it if appdata is reset. Let them keep at least their logindata if possible.
Related
At this Android Developers link it is stated that
The value of ANDROID_ID does not change even if a system update causes the package signing key to change.
Can a system update change an app's package signing key? And if so, how?
The only way a system update could change a package's signing key is if that package is in the system image. A normal app (that is, one downloaded from the app store that is not part of the system image) would not have its signing key changed.
That is to say: a system update, without a factory reset or a reinstall of the app, will not change the app's ANDROID_ID, and it won't change the signing key either, except possibly if that app is included with the system image.
I need to be able to clear the internal storage directory of my application when the user uninstalls my app. How can I do this?
I am in the testing phase of building a security app which requires an ID to be set by an admin when the application is first installed to a user's phone. The ID file cannot be in external storage because I do not want any tampering.
In the event that an administrator gives a user the incorrect ID, they will not be able to fix this by uninstalling the app right now. I have tried uninstalling the app (and clearing cache, etc) to clear the ID data. Upon reinstalling the application, the files still exist, so the ID number cannot be changed.
I am saving the file to the main internal files directory for my application, if that helps.
IDFile = new File(context.getFilesDir(),"ID_Data.txt");
It's not possible to remove the internal storage, an app doesn't get a callback when uninstalled, so there's nothing it can do to wrap things up.
But it should work for external storage: Use getExternalFilesDir() and/or getExternalCacheDir() for your files on external storage ("sdcard"). Those directories are automatically removed when your app is uninstalled.
(source)
You can consider another approach - encrypt the files that the app stores with a key stored only in your code, so decryption will be possible only by the app, and when uninstalled - the remaining files will remain encrypted.
Idea #2
Delete data of older installation, if re-installed
Upon launch of your app, check if there's a preference "first_run", and if it's empty - create one with current time.
If there is already such a preference, you need to check if it's from this installation of from an old one: check the actual install time.
If your preference is smaller than the install time: delete all the old files.
In the manifest specify AutoBackup to "false"
android:allowBackup="false"
https://developer.android.com/guide/topics/data/autobackup.html
I am trying to understand what exactly is going on when you install an application (APK) on an Android device. I guess that files are are extracted from the package and copied somewhere on the device.
Are there other steps going on? For example, is the package name of the application written somewhere in the OS like in somekind of registry?
Is the application version number written as well somewhere or the OS reads the xml manifest of the application to know its installed version?
This is related to another question where I suspect that some data was not erased correctly during the uninstallation of a debug app and I am trying to find what that might be.
There will be files/dirs created in various locations, not necessary in all possible locations for every app though, it depends on how the app is configured.
This list is not necessarily complete.
Files/dirs:
/data/data
/data/app
/data/app-asec
/data/app-lib
/data/dalvik-cache
/data/local/tmp
/mnt/asec
/mnt/obb
/mnt/sdcard/Android/obb
/mnt/sdcard/Android/data
Your app will also get an entry in these files:
/data/system/packages.list
/data/system/packages.xml
/data/system/appops.xml
Is is possible to create a new APK by overloading/overriding and existing APK.
Say, we have WhatsApp messenger. Now if I want to show a notification like, "Person X is online now.", in notification area, it is not possible using the existing WhatsApp messenger. So, I'd like to develop a new custom messenger, which uses all the functionality of WhatsApp messenger, with some of my custom code. Just like importing JARs, can we import APK...??
This seems like using another persons work, but just from learning point of view, I'd like to know the possibilities. As of now, lets leave all the, security, vulnerability.
In a nutshell, no.
APKs are not like Jar files such that you can simply import them into your app. They also contain other resources like the XML and assets. The code is kept in a classes.dex file, which is generated from the Jar file of the app code.
Moreover, each app runs in its own DVM, and is sandboxed to prevent this kind of interaction between apps. You cannot simply use WhatsApp's code in your own app as a third party apps.
There are however two ways to achieve what you want.
If the app you are targeting provides an API by means of content providers, or even web services that you can use to access their data and events like users coming online. WhatsApp does not offer any such API
You decompile the target app, and insert your own code to do what you want. This can be very hard because most popular apps, like WhatsApp, obfuscate their code making it hard to decipher (but not impossible). Additionally, WhatsApp encrypts most of its data like messages, contacts, chat threads etc using AES, which adds an additional layer to bypass in some places. Oh, and it also violates several IP and copyright laws if you do this.
Yes and No.
There are a couple of ways for an app - a standalone one - to share its information with other apps. One is through the use of a content provider, the other through custom broadcasts.
If, say, WhatsApp has documented its app and was built such that you can build on it further, you can catch those broadcasts and listen to those providers such that your app can also react upon the changes made in WhatsApp.
you can create a config.properties file and insert it in Asset folder in your wattsup messenger assuming you have the source code,
Now you will have to configure your custom application to write that changes in this file, however you can change these data in several ways such as webservices that allows you to modify that data in that file through them .
ok with the above scenario, you can make the changes,but your application will never update that changes coz your dealing with an APK not a code,therefore you will have to re-generate the APK again so it will take the latest changes .
for an automated APK generating you can use ANT tools, by placing a build.xml file in your wattsp sources
code you can run that script which ant release that will generate the new APK with the latest code
as you said these are possibilities still but in my opinion in the end you cant use the APK as a library
I have an SQLite database stored in the assets resources of one application used to load UI and other stuff into the app, mainly just holding text nothing out of the ordinary. I want to be able to get a writable version of this database so I can modify it from another application.
Example:
First application is on the market with limited number of enabled features. User gets to a certain point where they need to buy extra content to do more stuff in the app. The original app has these features but they are not enabled in the app using the database. I want the user then to download a second app from the market which is just used to change one field in the database from disabled to enabled thus unlocking the new features.
I have an idea I may need to use content providers but my understanding is once created they are accessible to all applications. I need it, for piracy reasons I guess, to only be able to communicate with apps signed off by my key.
Thanks
Sam,
I understand what you intend to do, but you are going about it the wrong way. Your 'Unlock App' would not be able to modify the Database in the assets folder of your 'Free App'. That's just general android security model stuff.
You may want to look at this question: How can I use the paid version of my app as a "key" to the free version?
It describes how you can create a 'Unlock App' on the market to unlock features of your 'Free app' without needing to actually modify any of the original data in the 'Free App'.
Good luck